<?php
include 'Config.php';
$user2 = addslashes($_POST['Username2']);
$password2 = addslashes($_POST['Password2']);
$authenticated = 0;
$target = addslashes($_POST['targetpos']);

if (isset($target) && isset($user2) && isset($password2)) { 

$enlace =  mysqli_connect($server, $user, $password, "auth");
if (!$enlace) {
    die('Unable to connect.');
}

if (!isset($target)) {
$target=0; #El numero en el array para buscar pjs
}

echo "
<!DOCTYPE HTML>
<!-- Website Template by freewebsitetemplates.com -->
<html>
<head>
	<meta charset=\"UTF-8\">
	<title>Archimonde's Armory</title>
	<link rel=\"stylesheet\" href=\"css/style.css\" type=\"text/css\">
</head>
<body>
	<div id=\"background\">
		<div id=\"header\">
			<div>
				<div>

					<ul>
						<li>
							<a href=\"index.php\" id=\"menu1\">Connect</a>
						</li>
						<li class=\"selected\">
							<a href=\"\" id=\"menu2\">Armory</a>
						</li>
						<li>
							<a href=\"About.php\" id=\"menu3\">About</a>
						</li>
						
					</ul>
				</div>
			</div>
		</div>
		<div id=\"body\">
			<div>
				<div>
					<div class=\"about\">
						<div class=\"content\">
							<ul>
								<li>
									<h3>Server Status</h3>
									<div>
<tt>
<img id=\"War\" name=\"War\" height=\"48\" width=\"48\" src=\"./images/War.png\"><BR><BR><BR>
<b>Server Requested</b>: "; echo $server;
echo "<br> <b>Username</b>: ";
echo $user2;
echo "<br><b>Version</b>: 3.3.5";
$query = "SELECT * FROM account WHERE username='$user2'";
$resultado = mysqli_query($enlace, $query);
while ($row = mysqli_fetch_assoc($resultado)) {
    $id = $row["id"];
$compass = $row["sha_pass_hash"];
}
#Preparamos el hash que es USER:PASS en mayusculas
$compare = strtoupper(sha1("".strtoupper($user2).":".strtoupper($password2).""));
if ($compare == $compass) {
$authenticated = 1;
echo "<BR><b>Authenticated</b>: True";
} else {
echo "<BR><BR><b>Authenticated</b>: Error<BR><BR><b>Your in-game password is incorrect. Go back to connection panel.</b>";
}
$query = "SELECT * FROM realmlist";
$resultado = mysqli_query($enlace, $query);
while ($row = mysqli_fetch_assoc($resultado)) {
    $name = $row["name"];
$address = $row["address"];
}
echo "
<BR><b>Server Name</b>: ";
echo $name;
echo "<BR><b>Server IPs</b>: ";
echo $address;
echo "
</tt>																												</div>
								
									<h3>Character Status</h3>
									<div>
<tt>";
if ($authenticated == 0) {
echo "You must be logged in to view your characters";
} else {
mysqli_select_db($enlace, "characters");
$query = "SELECT * FROM characters WHERE account='$id'";
$resultado = mysqli_query($enlace, $query);
    $name = array();
$race = array();
$class = array();
$gender = array();
$level = array();
$money = array();
$xp = array();
$health = array();
$power = array();
$online = array();
$arena = array();
$honor = array();
while ($row = mysqli_fetch_array($resultado)) {
    $name[] = $row["name"];
$race[] = $row["race"];
$class[] = $row["class"];
$gender[] = $row["gender"];
$level[] = $row["level"];
$money[] = $row["money"];
$xp[] = $row["xp"];
$health[] = $row["health"];
$power[] = $row["power1"];
$online[] = $row["online"];
$arena[] = $row["arenaPoints"];
$honor[] = $row["totalHonorPoints"];

}
echo "<b>$name[$target] - Lvl $level[$target]</b><BR><BR>";

if ($gender[$target] == 0) {
$agender = "2";
} else {
$agender = "1"; //Valores para las fotos de retrato
}

if ($race[$target] == 10) {
echo "<img id=\"portrait\" src=\"./images/BElf".$agender.".png\">";
$faccion = 1;
$longname = "B. Elf";
} elseif ($race[$target] == 11) {
echo "<img id=\"portrait\" src=\"./images/Draenei".$agender.".png\">";
$faccion = 0;
$longname = "Draenei";
}
elseif ($race[$target] == 8) {
echo "<img id=\"portrait\" src=\"./images/Troll".$agender.".png\">";
$faccion = 1;
$longname = "Troll";
}elseif ($race[$target] == 7) {
echo "<img id=\"portrait\" src=\"./images/Gnome".$agender.".png\">";
$faccion = 0;
$longname = "Gnome";
}elseif ($race[$target] == 6) {
echo "<img id=\"portrait\" src=\"./images/Tauren".$agender.".png\">";
$faccion = 1;
$longname = "Tauren";
}elseif ($race[$target] == 5) {
echo "<img id=\"portrait\" src=\"./images/Undead".$agender.".png\">";
$faccion = 1;
$longname = "Undead";
}elseif ($race[$target] == 4) {
echo "<img id=\"portrait\" src=\"./images/Elf".$agender.".png\">";
$faccion = 0;
$longname = "N. Elf";
}elseif ($race[$target] == 3) {
echo "<img id=\"portrait\" src=\"./images/Dwarf".$agender.".png\">";
$faccion = 0;
$longname = "Dwarf";
}elseif ($race[$target] == 2) {
echo "<img id=\"portrait\" src=\"./images/Orc".$agender.".png\">";
$faccion = 1;
$longname = "Orc";
}elseif ($race[$target] == 1) {
echo "<img id=\"portrait\" src=\"./images/Human".$agender.".png\">";
$faccion = 0;
$longname = "Human";
}
echo "&nbsp;&nbsp;&nbsp;";
//Clases
if ($class[$target] == 9) {
echo "<img id=\"portrait\" src=\"./images/WA.png\">";
$longc = "Warlock";
} elseif ($class[$target] == 11) {
echo "<img id=\"portrait\" src=\"./images/DR.png\">";
$longc = "Druid";
}
elseif ($class[$target] == 8) {
echo "<img id=\"portrait\" src=\"./images/MA.png\">";
$longc = "Mage";
}elseif ($class[$target] == 7) {
echo "<img id=\"portrait\" src=\"./images/SH.png\">";
$longc = "Shaman";
}elseif ($class[$target] == 5) {
echo "<img id=\"portrait\" src=\"./images/PR.png\">";
$longc = "Priest";
}elseif ($class[$target] == 4) {
echo "<img id=\"portrait\" src=\"./images/RO.png\">";
$longc = "Rogue";
}elseif ($class[$target] == 3) {
echo "<img id=\"portrait\" src=\"./images/HU.png\">";
$longc = "Hunter";
}elseif ($class[$target] == 2) {
echo "<img id=\"portrait\" src=\"./images/PA.png\">";
$longc = "Paladin";
}elseif ($class[$target] == 1) {
echo "<img id=\"portrait\" src=\"./images/WR.png\">";
$longc = "Warrior";
} else {
echo "<img id=\"portrait\" src=\"./images/DK.png\">";
$longc = "D. Knight";
}
echo "&nbsp;&nbsp;&nbsp;";
//Arena
echo "<img id=\"portrait\" src=\"./images/Arena.png\"> &nbsp;&nbsp;&nbsp;
<img id=\"portrait\" src=\"./images/Honor.png\">
&nbsp;&nbsp;&nbsp;
";
if ($arena[$target] == 0) {
$arena[$target] = "None yet";
}
if ($honor[$target] == 0) {
$honor[$target] = "None yet";
}
//Faccion
if ($faccion == 0) {
echo "<img id=\"portrait\" src=\"./images/Alliance.png\"><BR><BR>
$longname &nbsp;&nbsp;&nbsp; $longc &nbsp;&nbsp;&nbsp; $arena[$target] &nbsp;&nbsp;&nbsp; $honor[$target] &nbsp;&nbsp;&nbsp; Alliance";
} else {
echo "<img id=\"portrait\" src=\"./images/Horde.png\"><BR><BR>
$longname &nbsp;&nbsp;&nbsp; $longc &nbsp;&nbsp;&nbsp; $arena[$target] &nbsp;&nbsp;&nbsp; $honor[$target] &nbsp;&nbsp;&nbsp;&nbsp; Horde
";
}
//Stats
echo "<BR><BR>&nbsp;&nbsp;&nbsp;";
echo "<img id=\"portrait\" src=\"./images/Health1.png\">";
echo "&nbsp;&nbsp;&nbsp;";
echo "<img id=\"portrait\" src=\"./images/Mana.png\">";
echo "&nbsp;&nbsp;&nbsp;";
echo "<img id=\"portrait\" src=\"./images/XP.png\">";
echo "&nbsp;&nbsp;&nbsp;";
echo "<img id=\"portrait\" src=\"./images/Gold.png\">";
echo "&nbsp;&nbsp;&nbsp;";
if ($online[$target] == 1) {
echo "<img id=\"portrait\" src=\"./images/Online.png\">";
$isonline = "Online";
} else {
echo "<img id=\"portrait\" src=\"./images/Offline.png\">";
$isonline = "Offline";
}

echo "
<BR><BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $health[$target] &nbsp;&nbsp;&nbsp;&nbsp; $power[$target] &nbsp;&nbsp;&nbsp;&nbsp; $xp[$target] &nbsp;&nbsp;&nbsp;&nbsp; $money[$target] &nbsp;&nbsp;&nbsp;&nbsp; $isonline";
}
echo "
</tt>									</div>
							
						</div>
						<div class=\"aside\">
							<ul>
								<li>
									<h3>Character List</h3>
									<div>";
										
if ($authenticated == 0) {
echo "You must be logged in to view your characters";
} else {
mysqli_select_db($enlace, "characters");
$i = 0;
$query = "SELECT * FROM characters WHERE account='$id'";
$resultado = mysqli_query($enlace, $query);
while ($row = mysqli_fetch_assoc($resultado)) {
    $name = $row["name"];
$race = $row["race"];
$class = $row["class"];
$gender = $row["gender"];
$level = $row["level"];
$money = $row["money"];
$xp = $row["xp"];
$health = $row["health"];
$power = $row["power1"];
$online = $row["online"];
echo "
<form action=\"Armory.php\" method=\"POST\">
<input type=\"hidden\" id=\"targetpos\" name=\"targetpos\" value=\"$i\">
<input type=\"hidden\" id=\"Username2\" name=\"Username2\" value=\"$user2\">
<input type=\"hidden\" id=\"Password2\" name=\"Password2\" value=\"$password2\">
<input type=\"submit\" id=\"poisondoor\" name=\"poisondoor\" value=\"$name\"></form><BR>";
echo "<br>";
$i = $i + 1;
}
}	echo"								</div>
								</li>
								<li>
									<h3>Account Details</h3>
									<div>";
if ($authenticated == 0) {
echo "You must be logged in to view your account details";
} else {
mysqli_select_db($enlace, "auth");
$i = 0;
$query = "SELECT * FROM account WHERE id='$id'";
$resultado = mysqli_query($enlace, $query);
while ($row = mysqli_fetch_assoc($resultado)) {
    $ip = $row["last_ip"];
$online = $row["online"];
$expansion = $row["expansion"];
}
if ($online == 0) {
$online == "No";
} else {
$online == "Yes";
}
if ($expansion == 0) {
$expansion == "Before the Storm";
} elseif ($expansion == 1) {
$expansion == "The Burning Crusade";
} elseif ($expansion == 2) {
$expansion = "Wrath of the Lich King";
}
echo "<tt>
<b>Last Ip</b>: $ip <BR><BR>
<b>Online</b>: $online <BR><BR>
<b>Expansion</b>: $expansion <BR>
</tt>									</div>
								</li>
							</ul>
						</div>
					</div>
				</div>
			</div>
		</div>
		<div id=\"footer\">
			<div>
				<ul>
<li id=\"facebook\">
						<a href=\"http://facebook.com/mauroeldritch\">facebook</a>
					</li>
					
					<li id=\"googleplus\">
						<a href=\"https://plus.google.com/111546856495585437892\">googleplus</a>
					</li>
				</ul>
				<p>
					@ copyright 2012. all rights reserved.
				</p>
			</div>
		</div>
	</div>
</body>
</html> ";}
} else {
echo "
<html>
<head>
<script>
function mauro() {
window.location = \"index.php\";
}
</script></head>
<body onload=\"mauro()\";/>
</body>
</html>
";
}
?>
